Package com.nimbusds.common.oauth2
Class BasicAccessTokenValidator
- java.lang.Object
-
- com.nimbusds.common.oauth2.BasicAccessTokenValidator
-
- All Implemented Interfaces:
MasterAccessTokenValidator
@ThreadSafe public class BasicAccessTokenValidator extends Object
Basic access token validator. Supports servlet-based and JAX-RS based web applications.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface com.nimbusds.common.oauth2.MasterAccessTokenValidator
MasterAccessTokenValidator.ErrorResponse
-
-
Field Summary
Fields Modifier and Type Field Description protected List<byte[]>
expectedTokenHashes
The expected access token hashes, empty list if access to the web API is disabled.protected byte[]
hashSalt
Optional salt for computing the SHA-256 hashes.protected org.apache.logging.log4j.Logger
log
Optional logger.-
Fields inherited from interface com.nimbusds.common.oauth2.MasterAccessTokenValidator
INVALID_BEARER_TOKEN, MISSING_BEARER_TOKEN, WEB_API_DISABLED
-
-
Constructor Summary
Constructors Constructor Description BasicAccessTokenValidator(com.nimbusds.oauth2.sdk.token.BearerAccessToken accessToken)
Creates a new basic access token validator.BasicAccessTokenValidator(com.nimbusds.oauth2.sdk.token.BearerAccessToken... accessTokens)
Creates a new basic access token validator.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
accessIsDisabled()
Returnstrue
if access is disabled (no access token configured).org.apache.logging.log4j.Logger
getLogger()
Gets the optional logger.int
getNumberConfiguredTokens()
Returns the number of configured tokens.boolean
isValid(com.nimbusds.oauth2.sdk.token.BearerAccessToken accessToken)
Returnstrue
if the specified bearer access token is valid.void
setLogger(org.apache.logging.log4j.Logger log)
Sets the optional logger.void
validateBearerAccessToken(String authzHeader)
Validates a bearer access token passed in the specified HTTP Authorization header value.boolean
validateBearerAccessToken(javax.servlet.http.HttpServletRequest servletRequest, javax.servlet.http.HttpServletResponse servletResponse)
Validates a bearer access token passed in the specified HTTP servlet request.
-
-
-
Field Detail
-
expectedTokenHashes
protected final List<byte[]> expectedTokenHashes
The expected access token hashes, empty list if access to the web API is disabled.
-
hashSalt
protected byte[] hashSalt
Optional salt for computing the SHA-256 hashes.
-
log
protected org.apache.logging.log4j.Logger log
Optional logger.
-
-
Constructor Detail
-
BasicAccessTokenValidator
public BasicAccessTokenValidator(com.nimbusds.oauth2.sdk.token.BearerAccessToken accessToken)
Creates a new basic access token validator.- Parameters:
accessToken
- The Bearer access token. Ifnull
access to the web API will be disabled.
-
BasicAccessTokenValidator
public BasicAccessTokenValidator(com.nimbusds.oauth2.sdk.token.BearerAccessToken... accessTokens)
Creates a new basic access token validator.- Parameters:
accessTokens
- The Bearer access tokens. Ifnull
access to the web API will be disabled.
-
-
Method Detail
-
accessIsDisabled
public boolean accessIsDisabled()
Description copied from interface:MasterAccessTokenValidator
Returnstrue
if access is disabled (no access token configured).- Specified by:
accessIsDisabled
in interfaceMasterAccessTokenValidator
- Returns:
true
if access is disabled, elsefalse
.
-
getLogger
public org.apache.logging.log4j.Logger getLogger()
Description copied from interface:MasterAccessTokenValidator
Gets the optional logger.- Specified by:
getLogger
in interfaceMasterAccessTokenValidator
- Returns:
- The logger,
null
if not specified.
-
setLogger
public void setLogger(org.apache.logging.log4j.Logger log)
Description copied from interface:MasterAccessTokenValidator
Sets the optional logger.- Specified by:
setLogger
in interfaceMasterAccessTokenValidator
- Parameters:
log
- The logger,null
if not specified.
-
validateBearerAccessToken
public void validateBearerAccessToken(String authzHeader) throws javax.ws.rs.WebApplicationException
Description copied from interface:MasterAccessTokenValidator
Validates a bearer access token passed in the specified HTTP Authorization header value.- Parameters:
authzHeader
- The HTTP Authorization header value,null
if not specified.- Throws:
javax.ws.rs.WebApplicationException
- If the header value isnull
, the web API is disabled, or the Bearer access token is missing or invalid.
-
validateBearerAccessToken
public boolean validateBearerAccessToken(javax.servlet.http.HttpServletRequest servletRequest, javax.servlet.http.HttpServletResponse servletResponse) throws IOException
Description copied from interface:MasterAccessTokenValidator
Validates a bearer access token passed in the specified HTTP servlet request.- Parameters:
servletRequest
- The HTTP servlet request. Must not benull
.servletResponse
- The HTTP servlet response. Must not benull
.- Returns:
true
if the bearer access token was successfully validated,false
.- Throws:
IOException
- If the response couldn't be written.
-
isValid
public boolean isValid(com.nimbusds.oauth2.sdk.token.BearerAccessToken accessToken)
Description copied from interface:MasterAccessTokenValidator
Returnstrue
if the specified bearer access token is valid.- Specified by:
isValid
in interfaceMasterAccessTokenValidator
- Parameters:
accessToken
- The bearer access token to check,null
if not specified.- Returns:
true
if the specified bearer access token is valid, elsefalse
.
-
getNumberConfiguredTokens
public int getNumberConfiguredTokens()
Returns the number of configured tokens.- Returns:
- The number of configured tokens, zero if none.
-
-